2014 Breaches - Sony Hack and leadership

 READ THIS POST ON LINKEDIN

The last Sony incident showed once again that this country needs to change things around as to cyber security.
 

I totally agree with Pres. Obama's speech and I was shocked to hear last night he had my same opinions about what to do. I'm an IT professional and I don't want to delve into political opinions and judgments about the current president's leadership but I think last night he said what the leader of the free world is expected to say in situations like these.

The President's speech has effectively pinpointed the current weaknesses of our national security and has cleared that, to counter these guys, you have to think like them.

Regardless of any political considerations (I don't want to go there), it's enough to have a look at Norse - IPViking Live to immediately realize, beyond what any words could describe, the dramatic payload caused by these attacks.

1. Companies want the government out of the way and are very reluctant to reveal they have been breached because it impacts their stock value. Therefore, they try to hide the thing and to counter the attackers with their internal resources. Well, looks like this is not enough. This is not the first time Sony had been badly breached, by the way; somebody will likely remember that PlayStation servers were compromised by a distributed denial of service attack some years ago that forced the company to take its servers down for weeks. This country has resources to counter these attacks but nothing can be done without exchanging information on a central level. I totally agree with Pres. Obama about this. This is a cyber war and you want the best guys out there to counter these criminals.  Let's kick them out of our systems and teach them they can't keep endangering our companies and our jobs.
2. This country needs more cyber security professionals. 100% right and help is on the way but things should change. I'm personally ready to do my share if I am asked, once I've finished my college, and there are other students going through this career path but they need help to get the best possible education. If this country really wants to do something about it, why not creating a grant or scholarship system to boost cyber security programs and ensure internship and part time work experience opportunities?  I think the best way to learn how to counter hackers is to think like them. In my opinion anti-hacking shouldn't be taught by professors (even though I greatly respect and esteem them) but by the greatest hackers willing to give their positive contribution.
3. Not releasing "The Interview" is a mistake: this is a sign of weakness and now any sociopathic or would-be criminal knows that he/she can make an impact and threaten the United States and any other Western country without relevant aftermaths. David against Goliath, sound familiar? I am not sure at all that North Korea is behind all this and, like I said, I'm not going to delve into politics but we can't let dictators impose on us what we can or can't talk about. This looks like the plot of a cheap political sci-fi movie. If  you think this is only my opinion, have a look at he latest threats from Pyongyang. 
4. An international coordinated action is necessary: we can't afford anymore to have these barbarians rampage around and harm our information systems and our economy. It's not only a matter of protecting the financial values of the companies and the jobs but also a matter of national security. Nowadays the most important facilities are connected and can be potentially exploited and used against us. If you think this is science fiction, you might be surprised to know that the infamous Stuxnet virus was designed to do just this and some nuclear facility had been compromised in the past.

Like I said, help is on the way but this country and the whole West needs decisive and resolute actions and it needs them now. Everybody needs to do their fair share at all levels.